Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,774
Maven
5,000
npm
3,541
NuGet
617
pip
3,123
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,757 advisories

Loading
Moodle CSRF risk in analytics management of models High
CVE-2024-34008 was published for moodle/moodle (Composer) May 31, 2024
The WP Stacker WordPress plugin through 1.8.5 does not have CSRF check in some places, and is... Moderate Unreviewed
CVE-2024-5003 was published Jun 7, 2024
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some... High Unreviewed
CVE-2024-6075 was published Jul 15, 2024
The CB (legacy) WordPress plugin through 0.9.4.18 does not have CSRF checks in some bulk actions,... Moderate Unreviewed
CVE-2024-4382 was published Jun 21, 2024
The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check when clearing logs,... Moderate Unreviewed
CVE-2024-4475 was published Jun 21, 2024
The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check in place when updating... Moderate Unreviewed
CVE-2024-4474 was published Jun 21, 2024
A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations... Moderate Unreviewed
CVE-2024-5815 was published Jul 17, 2024
NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900,... High Unreviewed
CVE-2016-6277 was published May 17, 2022
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-40329 was published Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-40331 was published Jul 10, 2024
The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF... High Unreviewed
CVE-2024-1845 was published Jul 11, 2024
Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop SociallyViral.This issue affects... Moderate Unreviewed
CVE-2024-37938 was published Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Internal Link Juicer Internal Link Juicer: SEO... Moderate Unreviewed
CVE-2024-37941 was published Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Team Ali2Woo Lite allows Cross-Site... High Unreviewed
CVE-2024-37213 was published Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Lite.This issue affects... Moderate Unreviewed
CVE-2024-37939 was published Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Accelerator ... High Unreviewed
CVE-2024-37940 was published Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPJohnny, zerOneIT Comment Reply Email allows... High Unreviewed
CVE-2024-35773 was published Jul 12, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-40328 was published Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal... Moderate Unreviewed
CVE-2024-39119 was published Jul 2, 2024
Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Confluence... High Unreviewed
CVE-2024-23736 was published Jul 2, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-40038 was published Jul 9, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-40035 was published Jul 9, 2024
A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1... Moderate Unreviewed
CVE-2024-6649 was published Jul 10, 2024
Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL)... High Unreviewed
CVE-2024-28828 was published Jul 10, 2024
Insecure handling of GET header parameter file included in requests being sent to an instance of... High Unreviewed
CVE-2024-3798 was published Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API